The multiple accounts is by design and should be fine. Sorry I missed the full post earlier. I just added a pinned post with a link to the possible error codes you can get from /token
Common Error Codes/Causes to `/token` and the API
try the post without the query params, put the params as x-www-form-urlencoded
params in the body, and the credentials as a properly formatted Basic Auth header. Let me know how that goes.